// package com.lc.cms.config;
//
// import com.lc.cms.filter.TokenFilter;
// import org.springframework.beans.factory.annotation.Autowired;
// import org.springframework.context.annotation.Bean;
// import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
// import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
// import org.springframework.security.config.annotation.web.builders.HttpSecurity;
// import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
// import org.springframework.security.config.http.SessionCreationPolicy;
// import org.springframework.security.core.userdetails.UserDetailsService;
// import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
// import org.springframework.security.web.AuthenticationEntryPoint;
// import org.springframework.security.web.authentication.AuthenticationFailureHandler;
// import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
// import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
// import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
//
// /**
//  * spring security配置
//  *
//  * @author 小威老师 xiaoweijiagou@163.com
//  * <p>
//  * 2017年10月16日
//  */
// @EnableGlobalMethodSecurity(prePostEnabled = true)
// public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//     private final AuthenticationSuccessHandler authenticationSuccessHandler;
//     private final AuthenticationFailureHandler authenticationFailureHandler;
//     private final LogoutSuccessHandler logoutSuccessHandler;
//     private final AuthenticationEntryPoint authenticationEntryPoint;
//     private final UserDetailsService userDetailsService;
//     private final TokenFilter tokenFilter;
//
//     @Autowired
//     public SecurityConfig(AuthenticationSuccessHandler authenticationSuccessHandler, AuthenticationFailureHandler authenticationFailureHandler, LogoutSuccessHandler logoutSuccessHandler, AuthenticationEntryPoint authenticationEntryPoint, UserDetailsService userDetailsService, TokenFilter tokenFilter) {
//         this.authenticationSuccessHandler = authenticationSuccessHandler;
//         this.authenticationFailureHandler = authenticationFailureHandler;
//         this.logoutSuccessHandler = logoutSuccessHandler;
//         this.authenticationEntryPoint = authenticationEntryPoint;
//         this.userDetailsService = userDetailsService;
//         this.tokenFilter = tokenFilter;
//     }
//
//     @Bean
//     public BCryptPasswordEncoder bCryptPasswordEncoder() {
//         return new BCryptPasswordEncoder();
//     }
//
//     @Override
//     protected void configure(HttpSecurity http) throws Exception {
//         http.csrf().disable();
//
//         // 基于token，所以不需要session
//         http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//
//         http.authorizeRequests()
//                 .antMatchers("/", "/*.html", "/favicon.ico", "/css/**", "/js/**", "/fonts/**", "/layui/**", "/img/**",
//                         "/v2/api-docs/**", "/swagger-resources/**", "/webjars/**", "/pages/**", "/druid/**",
//                         "/statics/**")
//                 .permitAll().anyRequest().authenticated();
//         http.formLogin().loginProcessingUrl("/login")
//                 .successHandler(authenticationSuccessHandler).failureHandler(authenticationFailureHandler).and()
//                 .exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
//         http.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
//         // 解决不允许显示在iframe的问题
//         http.headers().frameOptions().disable();
//         http.headers().cacheControl();
//
//         http.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
//     }
//
//     @Override
//     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//         auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
//     }
// }
